From 675b37002e2625dee9de5976e982f7fb46377527 Mon Sep 17 00:00:00 2001
From: Heiko Reese
Date: Wed, 11 Aug 2021 01:45:30 +0200
Subject: [PATCH] =?UTF-8?q?=E2=80=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/libexim-kitencrypt-dlfunc.c | 68 ++++++++++++++++++++++++++++-----
 1 file changed, 58 insertions(+), 10 deletions(-)
diff --git a/src/libexim-kitencrypt-dlfunc.c b/src/libexim-kitencrypt-dlfunc.c
index a541698..5d49607 100644
--- a/src/libexim-kitencrypt-dlfunc.c
+++ b/src/libexim-kitencrypt-dlfunc.c
@@ -9,13 +9,14 @@
 /* Exim4 dlfunc API header */
 #include
-int kitencrypt(uschar **yield, int argc, uschar *argv[]) {
- int sinit;
+/*
+ * Encrypt first argument with fixed public key from recipient_pk.h
+ */
+int sodium_crypto_box_seal_kit(uschar **yield, int argc, uschar *argv[]) {
 size_t messagelen;
 unsigned char * message;
- sinit = sodium_init();
- if (sinit == -1 ) {
+ if (sodium_init() == -1 ) {
 *yield = string_copy(US"Unable to initialize libsodium");
 return ERROR;
 }
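Review bot: The new entry-point name `sodium_crypto_box_seal_kit` sits in libsodium's own `sodium_`/`crypto_` namespace, so it reads like a library call and could clash with a future libsodium symbol; a project prefix such as `kit_crypto_box_seal` would avoid both. Because the function is looked up by name through Exim's dlfunc mechanism, presumably every configuration that still references `kitencrypt` has to change in the same rollout. The added header comment could also state the return contract, for example `/* Returns OK with the base64 ciphertext in *yield, ERROR with a message otherwise. */`. The function body continues outside this hunk.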
@@ -26,7 +27,54 @@ int kitencrypt(uschar **yield, int argc, uschar *argv[]) {
 // get cleartext message
 message = argv[0];
- messagelen = strlen(message);
+ messagelen = strlen((const char *) message);
+
+ // prepare buffer for ciphertext
+ unsigned int cipherlen = messagelen + crypto_box_SEALBYTES;
+ unsigned char * ciphertext = malloc(cipherlen);
+ sodium_memzero(ciphertext, cipherlen);
+
+ // encrypt message
+ crypto_box_seal(ciphertext, message, messagelen, recipient_pk);
+
+ // base64-encode the ciphertext
+ unsigned int outputsize = sodium_base64_ENCODED_LEN(cipherlen, sodium_base64_VARIANT_ORIGINAL);
+ unsigned char * outstring = malloc(outputsize);
+ sodium_memzero(outstring, outputsize);
+
+ sodium_bin2base64((char * const) outstring, outputsize,
+ ciphertext, cipherlen,
+ sodium_base64_VARIANT_ORIGINAL);
+ free(ciphertext);
+
+ // return base64-encoded ciphertext
+ *yield = string_copy(outstring);
+ free(outstring);
+
+ return OK;
+}
+
+/*
+ * Encrypt first argument with passworf from the second argument
+ */
+/*
+// https://libsodium.gitbook.io/doc/hashing/short-input_hashing
+int sodium_crypto_box_seal_password(uschar **yield, int argc, uschar *argv[]) {
+ size_t messagelen;
+ unsigned char * message;
+
+ if (sodium_init() == -1 ) {
+ *yield = string_copy(US"Unable to initialize libsodium");
+ return ERROR;
+ }
+ if (argc != 2) {
+ *yield = string_sprintf("Wrong number of arguments (got %i, expected 1)", argc);
+ return ERROR;
+ }
+
+ // get cleartext message
+ message = argv[0];
+ messagelen = strlen((const char *) message);
 // prepare buffer for ciphertext
 unsigned int cipherlen = messagelen + crypto_box_SEALBYTES;
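Review bot: Both `malloc` results in the added body of `sodium_crypto_box_seal_kit` are handed to `sodium_memzero` and libsodium without a NULL check, and `cipherlen`/`outputsize` are `unsigned int` while `messagelen` is `size_t`, so on a 64-bit build a very long argument would truncate the allocation size while `crypto_box_seal` still writes `messagelen + crypto_box_SEALBYTES` bytes. The return value of `crypto_box_seal` is also ignored, so a failed seal would be base64-encoded and returned as if it were ciphertext. Keeping the sizes in `size_t` and returning ERROR on allocation or sealing failure addresses all three; the sketch below shows the changed lines. The function starts in the previous hunk, and the argc check that should guard `argv[0]` is not visible here.

```c
    messagelen = strlen((const char *) message);

    // prepare buffer for ciphertext
    size_t cipherlen = messagelen + crypto_box_SEALBYTES;
    unsigned char * ciphertext = malloc(cipherlen);
    if (ciphertext == NULL) {
        *yield = string_copy(US"Unable to allocate ciphertext buffer");
        return ERROR;
    }
    sodium_memzero(ciphertext, cipherlen);

    // encrypt message
    if (crypto_box_seal(ciphertext, message, messagelen, recipient_pk) != 0) {
        free(ciphertext);
        *yield = string_copy(US"Encryption failed");
        return ERROR;
    }

    // base64-encode the ciphertext
    size_t outputsize = sodium_base64_ENCODED_LEN(cipherlen, sodium_base64_VARIANT_ORIGINAL);
    unsigned char * outstring = malloc(outputsize);
    if (outstring == NULL) {
        free(ciphertext);
        *yield = string_copy(US"Unable to allocate output buffer");
        return ERROR;
    }
    sodium_memzero(outstring, outputsize);

    // … unchanged: sodium_bin2base64 call, free(ciphertext), string_copy into *yield, free(outstring), return OK …
```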
@@ -37,19 +85,19 @@ int kitencrypt(uschar **yield, int argc, uschar *argv[]) {
 crypto_box_seal(ciphertext, message, messagelen, recipient_pk);
 // base64-encode the ciphertext
- unsigned int outputsize = sodium_base64_ENCODED_LEN(cipherlen, sodium_base64_VARIANT_URLSAFE);
+ unsigned int outputsize = sodium_base64_ENCODED_LEN(cipherlen, sodium_base64_VARIANT_ORIGINAL);
 unsigned char * outstring = malloc(outputsize);
 explicit_bzero(outstring, outputsize);
- sodium_bin2base64(outstring, outputsize,
+ sodium_bin2base64((char * const) outstring, outputsize,
 ciphertext, cipherlen,
- sodium_base64_VARIANT_URLSAFE);
-
+ sodium_base64_VARIANT_ORIGINAL);
 free(ciphertext);
+ // return base64-encoded ciphertext
 *yield = string_copy(outstring);
- free(outstring);
 return OK;
 }
+*/
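Review bot: In the commented-out password variant, dropping `free(outstring);` after `string_copy` leaves the malloc'd base64 buffer unreleased, so the draft would leak on every call if it is ever enabled; keep `free(outstring);` before `return OK;` as the active function does. The draft, which starts in the previous hunk, also never reads `argv[1]` and still seals to `recipient_pk`, and its argc message says "expected 1" while the test is `argc != 2`. When the password path is implemented, the key should come from a password-hashing function such as libsodium's `crypto_pwhash` rather than the short-input hash linked in the comment, which is not designed to resist guessing of low-entropy secrets. Parking unfinished code inside a block comment also hides it from the compiler; `#if 0` or a separate branch would keep it reviewable.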